Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/kWZqnAqGVCQZUMelFlFHrbydZtM.roa
File: kWZqnAqGVCQZUMelFlFHrbydZtM.roa (raw, json)
Hash identifier: 9J/2cfRnnGFBEvwGJLQNSpjlPJ6nqFC3XpqXj5zCg1w=
Subject key identifier: 91:66:6A:9C:0A:86:54:24:19:50:C7:A5:16:51:47:AD:BC:9D:66:D3
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 0196E7C77434EFBEC53C161BBC8EEA7C1E72
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/kWZqnAqGVCQZUMelFlFHrbydZtM.roa
Signing time: Mon 19 May 2025 09:02:10 +0000
ROA not before: Mon 19 May 2025 09:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8966
IP address blocks: 5.195.70.0/24 maxlen: 24
5.195.166.0/23 maxlen: 24
5.195.166.0/24 maxlen: 24
5.195.167.0/24 maxlen: 24
5.195.172.0/24 maxlen: 24
5.195.172.0/26 maxlen: 26
5.195.172.64/26 maxlen: 26
5.195.172.128/26 maxlen: 26
5.195.172.192/26 maxlen: 26
5.195.173.0/24 maxlen: 24
5.195.174.0/24 maxlen: 24
5.195.175.0/24 maxlen: 24
5.195.208.0/24 maxlen: 24
5.195.223.0/24 maxlen: 24
31.219.177.0/24 maxlen: 24
31.219.177.0/25 maxlen: 25
31.219.177.128/25 maxlen: 25
31.219.179.0/24 maxlen: 24
31.219.180.0/24 maxlen: 24
194.170.165.0/24 maxlen: 24
194.170.165.0/26 maxlen: 26
194.170.165.64/26 maxlen: 26
194.170.165.128/26 maxlen: 26
194.170.165.192/26 maxlen: 26
194.170.186.0/24 maxlen: 24
195.229.0.0/19 maxlen: 19
195.229.0.0/24 maxlen: 24
195.229.1.0/24 maxlen: 24
195.229.2.0/24 maxlen: 24
195.229.3.0/24 maxlen: 24
195.229.4.0/24 maxlen: 24
195.229.5.0/24 maxlen: 24
195.229.6.0/24 maxlen: 24
195.229.12.0/24 maxlen: 24
195.229.27.0/24 maxlen: 24
195.229.31.0/24 maxlen: 24
195.229.34.0/24 maxlen: 24
195.229.137.0/24 maxlen: 24
195.229.137.0/26 maxlen: 26
195.229.137.64/26 maxlen: 26
195.229.137.128/26 maxlen: 26
195.229.137.192/26 maxlen: 26
2001:8f8::/32 maxlen: 32
2001:8f8:0:14::/63 maxlen: 63
2001:8f8:0:14::/64 maxlen: 64
2001:8f8:0:15::/64 maxlen: 64
2001:8f8:0:121::/64 maxlen: 64
2001:8f8:0:122::/64 maxlen: 64
2001:8f8:0:124::/62 maxlen: 62
2001:8f8:0:124::/64 maxlen: 64
2001:8f8:0:125::/64 maxlen: 64
2001:8f8:0:126::/64 maxlen: 64
2001:8f8:0:127::/64 maxlen: 64
2001:8f8:0:128::/62 maxlen: 62
2001:8f8:0:128::/64 maxlen: 64
2001:8f8:0:129::/64 maxlen: 64
2001:8f8:0:12a::/64 maxlen: 64
2001:8f8:0:12b::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e7:c7:74:34:ef:be:c5:3c:16:1b:bc:8e:ea:7c:1e:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: May 19 09:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91666a9c0a8654241950c7a5165147adbc9d66d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3f:e2:26:ad:68:1e:fe:3e:eb:09:47:a8:6b:
86:6a:26:07:f5:dc:21:d2:8f:1f:3b:43:91:a2:48:
48:44:97:e0:73:03:58:1b:92:cb:17:08:d9:66:14:
1b:14:ae:18:23:b4:1c:46:d3:3c:04:66:53:69:49:
ea:7a:be:c2:5f:0f:9b:c2:16:9e:7e:f3:b6:56:07:
bc:a0:39:17:2c:14:7d:27:e3:7e:13:cb:2a:06:1d:
66:ed:9c:a8:91:28:1f:b1:50:e4:87:66:10:d4:17:
50:14:05:dd:2a:d3:11:b3:ec:3a:13:77:88:13:d0:
b4:67:0a:92:a3:9f:27:57:ec:e0:0f:96:3c:a3:f9:
48:dd:39:fb:0f:17:4d:b7:8d:91:46:44:19:45:83:
da:73:6e:2e:24:f7:1b:1d:55:57:f7:74:42:a8:1e:
a7:07:c9:07:41:20:b4:3f:3f:88:ab:f3:d7:55:75:
a3:62:4e:1a:f9:38:10:be:66:e7:76:20:94:f9:07:
04:a7:0b:3d:26:bd:8e:53:e8:b7:0f:11:67:7f:fd:
fd:cf:cb:3e:05:ba:ac:3c:91:7a:e5:8a:97:2f:e2:
6e:a2:96:11:15:e3:ee:aa:f0:40:f6:87:82:1b:50:
4e:33:d8:e8:56:8d:85:25:ba:17:a9:66:37:53:a6:
68:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:66:6A:9C:0A:86:54:24:19:50:C7:A5:16:51:47:AD:BC:9D:66:D3
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/kWZqnAqGVCQZUMelFlFHrbydZtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.70.0/24
5.195.166.0/23
5.195.172.0/22
5.195.208.0/24
5.195.223.0/24
31.219.177.0/24
31.219.179.0-31.219.180.255
194.170.165.0/24
194.170.186.0/24
195.229.0.0/19
195.229.34.0/24
195.229.137.0/24
IPv6:
2001:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
43:4f:23:28:6a:5d:46:32:5e:5e:5f:58:f1:f5:9b:e7:13:8d:
a3:6a:87:fd:27:aa:52:d4:3e:f7:b9:2e:38:1d:bd:83:c5:f3:
8c:9b:a4:b8:15:89:1d:89:9f:32:73:53:f7:a9:d6:ba:0a:0d:
a5:51:ae:8a:51:76:6b:25:78:85:ea:0f:90:e9:15:31:a4:e5:
63:15:50:cf:f4:bb:59:47:89:ed:07:7a:e5:1f:04:a2:f1:21:
ac:dd:c3:b6:b8:c2:e4:89:2d:be:6d:9a:9d:ca:e0:e2:7a:de:
3e:4e:0f:cb:72:ad:cb:1c:9a:4c:17:e1:27:7d:f5:63:a2:38:
1d:bf:89:b8:f7:6e:e2:35:69:33:f4:d3:5e:9b:2c:a9:d3:46:
e9:ba:72:84:8d:e2:a9:50:ef:8e:1b:cf:a7:26:ac:8c:bb:65:
25:2d:08:d9:86:d0:11:f1:c2:fb:9a:81:0d:2b:56:0e:dc:a1:
d8:5a:6c:4c:cb:3b:e3:49:26:66:76:aa:68:f3:de:40:df:59:
7c:8b:7a:97:0f:bb:e7:1f:e8:ce:9a:ac:0a:d5:37:06:23:81:
d5:c5:3c:08:3e:c1:f2:71:f8:6e:4e:2d:3d:00:4e:2f:05:c2:
b0:8b:23:c0:ec:a1:81:de:55:5a:bb:9b:98:0d:ee:9a:82:d4:
95:58:23:15
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZbnx3Q0777FPBYbvI7qfB5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjUwNTE5MDkwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTY2NmE5YzBhODY1NDI0MTk1MGM3YTUxNjUxNDdhZGJjOWQ2NmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzz/iJq1oHv4+6wlHqGuGaiYH9dwh
0o8fO0ORokhIRJfgcwNYG5LLFwjZZhQbFK4YI7QcRtM8BGZTaUnqer7CXw+bwhae
fvO2Vge8oDkXLBR9J+N+E8sqBh1m7ZyokSgfsVDkh2YQ1BdQFAXdKtMRs+w6E3eI
E9C0ZwqSo58nV+zgD5Y8o/lI3Tn7DxdNt42RRkQZRYPac24uJPcbHVVX93RCqB6n
B8kHQSC0Pz+Iq/PXVXWjYk4a+TgQvmbndiCU+QcEpws9Jr2OU+i3DxFnf/39z8s+
BbqsPJF65YqXL+JuopYRFePuqvBA9oeCG1BOM9joVo2FJboXqWY3U6ZoDwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFJFmapwKhlQkGVDHpRZRR628nWbTMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEva1dacW5BcUdWQ1FaVU1lbEZsRkhyYnlkWnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQAwQABcNGAwQB
BcOmAwQCBcOsAwQABcPQAwQABcPfAwQAH9uxMAwDBAAf27MDBAAf27QDBADCqqUD
BADCqroDBAXD5QADBADD5SIDBADD5YkwDQQCAAIwBwMFACABCPgwDQYJKoZIhvcN
AQELBQADggEBAENPIyhqXUYyXl5fWPH1m+cTjaNqh/0nqlLUPve5LjgdvYPF84yb
pLgViR2JnzJzU/ep1roKDaVRropRdmsleIXqD5DpFTGk5WMVUM/0u1lHie0HeuUf
BKLxIazdw7a4wuSJLb5tmp3K4OJ63j5OD8tyrcscmkwX4Sd99WOiOB2/ibj3buI1
aTP0016bLKnTRum6coSN4qlQ744bz6cmrIy7ZSUtCNmG0BHxwvuagQ0rVg7codha
bEzLO+NJJmZ2qmjz3kDfWXyLepcPu+cf6M6arArVNwYjgdXFPAg+wfJx+G5OLT0A
Ti8FwrCLI8DsoYHeVVq7m5gN7pqC1JVYIxU=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:40:06 2025 by rpki-client